Abstract

We define a simply typed, non-deterministic lambda-calculus where isomorphic 
types are equated. To this end, an equivalence relation is settled at the term 
level. We then provide a proof of strong normalisation modulo equivalence. 
Such a proof is a non-trivial adaptation of the reducibility method. 

Keywords: typed lambda calculus, normalisation, type isomorphisms, 
deduction modulo 


1. Introduction 

The starting point of this work was to understand and formalize the non-determinism of quantum programming languages [3, 4]. Unlike other calculi, which contain a non-deterministic operator $|$ such that $r \mid t$ reduces both to $r$ and to $t$, possibly with some probabilities, the non-determinism of quantum programming languages comes from the interaction of two operators. The first allows one to build a superposition, that is a linear combination, of two terms $\alpha.r + \beta.t$, reflecting that a system may be in more than one state at a time. The second is a measurement operator $\pi$, reflecting that, during measurement, the state of such a system is reduced.

The non-determinism arises from the combination of these two constructions, as the term $\pi(\alpha.r + \beta.t)$ reduces to $r$ and to $t$ with probabilities $|\alpha|^2$ and $|\beta|^2$. Leaving probabilities aside, the non-determinism in quantum programming languages comes from the combination of the operators $+$ and $\pi$, as the term $\pi(r + t)$ reduces to $r$ and to $t$. In other words, the primitive operator $|$ of non-deterministic languages is decomposed into two operators, and $r \mid t$ can be seen as an abbreviation for $\pi(r + t)$.

The rules

$\pi(r + t) \longrightarrow r$

$\pi(r + t) \longrightarrow t$

are reminiscent of the rules for pairing constructs

$\pi_1(r, t) \longrightarrow r$

$\pi_2(r, t) \longrightarrow t$

and it is therefore tempting to consider the term $r + t$ as the pair $(r, t)$ and $\pi$ as a projection, that projects the pair $(r, t)$ to $r$ and to $t$.

As, in quantum programming languages, unlike with the usual pairing construct, the places in the pair are immaterial, and the superposed states $r + t$ and $t + r$ are identical, it is compelling to consider the pairs $r + t$ and $t + r$ as identical and therefore the types $A \wedge B$ and $B \wedge A$ as identical.

In typed $\lambda$-calculus, the types $A \wedge B$ and $B \wedge A$ are known to be isomorphic, thus our goal to understand the non-determinism of quantum programming languages led us to consider quantum programming languages as typed lambda-calculi where isomorphic types were identified, thus pairs unordered, hence projection non-deterministic.

In typed $\lambda$-calculus, in programming languages, and in proof theory, two types $A$ and $B$ are said to be isomorphic when there exist two functions $\phi$ from $A$ to $B$ and $\psi$ from $B$ to $A$ such that $\psi\phi r = r$ for all terms $r$ of type $A$ and $\phi\psi s = s$ for all terms $s$ of type $B$.

Isomorphic types are often identified in informal mathematics. For instance, the natural numbers and non negative integers are never distinguished, although they formally are different structures. In Martin-Löf's type theory [23], in the Calculus of Constructions [9], and in Deduction modulo [17, 19], some isomorphic types, called definitionally equivalent types, for instance $x \subseteq y$, $x \in \mathcal{P}(y)$, and $\forall z\,(z \in x \Rightarrow z \in y)$ are identified, but definitional equality does not handle all the isomorphisms and, for example, $A \wedge B$ and $B \wedge A$ are not identified: a term of type $A \wedge B$ does not have type $B \wedge A$.

It has already been noticed that not identifying such types has many drawbacks. For instance, if a library contains a proof of $B \wedge A$, a request on a proof of $A \wedge B$ fails to find it [26]; if $r$ and $s$ are proofs of $(A \wedge B) \Rightarrow C$ and $B \wedge A$ respectively, it is not possible to apply $r$ to $s$ to get a proof of $C$, but we need to explicitly apply a function of type $(B \wedge A) \Rightarrow (A \wedge B)$ to $s$ before we can apply $r$ to this term. If $A$ and $B$ are isomorphic types and a library contains a proof of a property on $A$, we cannot use this property on $B$ without any extra transformation, etc. This has led to several projects aiming at identifying in one way or another isomorphic types in type theory, for instance with the univalence axiom [27].

In [7], Bruce, Di Cosmo and Longo have provided a characterisation of isomorphic types in the simply typed $\lambda$-calculus extended with products and a unit type (see [13] for a concise overview on type isomorphisms, or [12] for a more comprehensive reference). In this work, we define a simply typed $\lambda$-calculus extended with products, where all the isomorphic types are identified, and we prove strong normalisation for this calculus. All the isomorphisms in such a setting are consequences of the following four:

$A \wedge B \equiv B \wedge A$ (1)

$A \wedge (B \wedge C) \equiv (A \wedge B) \wedge C$ (2)

$A \Rightarrow (B \wedge C) \equiv (A \Rightarrow B) \wedge (A \Rightarrow C)$ (3)

$(A \wedge B) \Rightarrow C \equiv A \Rightarrow B \Rightarrow C$ (4)

For example, $A \Rightarrow B \Rightarrow C \equiv B \Rightarrow A \Rightarrow C$ is a consequence of (4) and (1).

Identifying types also requires identifying terms. For instance, if $r$ is a closed term of type $A$, then $\lambda x^A.x$ is a term of type $A \Rightarrow A$, and $(\lambda x^A.x, \lambda x^A.x)$ is a term of type $(A \Rightarrow A) \wedge (A \Rightarrow A)$, hence, by isomorphism (3), also a term of type $A \Rightarrow (A \wedge A)$. Thus the term $(\lambda x^A.x, \lambda x^A.x)r$ is a term of type $A \wedge A$. Although this term contains no redex, we do not want to consider it as normal, in particular because it is not an introduction. So we shall distribute the application over the pair, yielding the term $((\lambda x^A.x)r, (\lambda x^A.x)r)$ that finally reduces to $(r, r)$. Similar considerations lead to the introduction of several equivalence rules on terms: one related to the isomorphism (1), the commutativity of the conjunction, $(r, s) \rightleftarrows (s, r)$; one related to the isomorphism (2), the associativity of the conjunction, $((r, s), t) \rightleftarrows (r, (s, t))$; four to the isomorphism (3), the distributivity of implication with respect to conjunction, e.g. $(r, s)t \rightleftarrows (rt, st)$; and one related to the isomorphism (4), the currification, $rst \rightleftarrows r(s, t)$. As our comma is associative and commutative, and because it can be identified with a non-deterministic operator, we will write it $+$. For instance, the equivalence due to the associativity of conjunction is rewritten $(r + s) + t \rightleftarrows r + (s + t)$.

One of the main difficulties in the design of this calculus is the design of the elimination rule for the conjunction. A rule like “if $r : A \wedge B$ then $\pi_1(r) : A$” would not be consistent. Indeed, if $A$ and $B$ are two arbitrary types, $s$ a term of type $A$ and $t$ a term of type $B$, then $s + t$ has both types $A \wedge B$ and $B \wedge A$, thus $\pi_1(s + t)$ would have both type $A$ and type $B$. The approach we have followed is to consider explicitly typed (Church style) terms, and parametrise the projection by the type: if $r : A \wedge B$ then $\pi_A(r) : A$ and the reduction rule is then that $\pi_A(s + t)$ reduces to $s$ if $s$ has type $A$.

Hence, this rule introduces the expected non-determinism. Indeed, in the particular case where $A$ happens to be equal to $B$, then both $s$ and $t$ have type $A$ and $\pi_A(s + t)$ reduces both to $s$ and to $t$. Notice that although this reduction rule is non-deterministic, it preserves typing. This can be summarised by the slogan “the subject reduction property is more important than the uniqueness of results” [18].

Thus, our calculus is one of the many non-deterministic calculi in the sense of [6, 8, 10, 11, 24] and our pair-construction operator $+$ is also the parallel composition operator of a non-deterministic calculus.

In non-deterministic calculi, the parallel composition is such that if $r$ and $s$ are two $\lambda$-terms, the term $r + s$ represents the computation that runs either $r$ or $s$ non-deterministically, that is such that $(r + s)t$ reduces either to $rt$ or $st$. In our case, $\pi_B((r + s)t)$ is equivalent to $\pi_B(rt + st)$, which reduces to $rt$ or $st$.

The calculus developed in this paper is also related to the algebraic calculi [1, 2], some of which have been designed to express quantum algorithms. In this case, the pair $s + t$ is not interpreted as a non-deterministic choice but as a superposition of two processes running $s$ and $t$. In this case the projection $\pi$ is the projection related to the projective measurement, that is the only non-deterministic operation. In such calculi, the distributivity rule $(r + s)t \rightleftarrows rt + st$ is seen as the pointwise definition of the sum of two functions.

The main difficulty in the normalisation proof seems to be related to the fact that our equivalence relation is “confusing”, that is, it equates types with different main connectives such as the isomorphism (3). In [19], for instance, only the case of “non confusing” equivalence relations is considered: if two non atomic types are equivalent, they have the same head symbol and their arguments are equivalent. It is clear however that this restriction needs to be dropped if we want to identify, for instance, $A \Rightarrow (B \wedge C)$ and $(A \Rightarrow B) \wedge (A \Rightarrow C)$.

Summarising, this paper is the result of three relatively independent motivations: to formalise non-deterministic calculi, to integrate the type isomorphisms to the language, and to understand how much we can extend the deduction modulo techniques.


2. The Calculus 

2.1. Formal Definition 

In this section we present the calculus. We consider the following grammar of types, with one atomic type $\tau$,

$A, B, C, \ldots ::= \tau \mid A \Rightarrow B \mid A \wedge B$.

The isomorphisms (1), (2), (3) and (4) are made explicit by a congruent equivalence relation between types:

$A \wedge B \equiv B \wedge A$, $\quad A \Rightarrow (B \wedge C) \equiv (A \Rightarrow B) \wedge (A \Rightarrow C)$,

$(A \wedge B) \wedge C \equiv A \wedge (B \wedge C)$, $\quad (A \wedge B) \Rightarrow C \equiv A \Rightarrow B \Rightarrow C$.

The set of terms is defined inductively by the grammar

$r, s, t ::= x^A \mid \lambda x^A.r \mid rs \mid r + s \mid \pi_A(r)$

The set of contexts is defined inductively by the grammar

$C[\cdot] ::= [\cdot] \mid \lambda x^A.C[\cdot] \mid C[\cdot]r \mid rC[\cdot] \mid C[\cdot] + r \mid r + C[\cdot] \mid \pi_A(C[\cdot])$

The type system is given in Table 1. Typing judgements are of the form $r : A$. A term $r$ is typable if there exists a type $A$ such that $r : A$.

Because of the associativity property of $+$, the term $r + (s + t)$ is the same as the term $(r + s) + t$, so we can just express it as $r + s + t$, that is, the parentheses are meaningless, and pairs become lists. In particular, we can project with respect to the type of $s + t$ in the previous example. Hence, for completeness, we also allow to project a term with respect to its full type, that is, if $r : A$, then $\pi_A(r)$ reduces to $r$.

Since our reduction relation is oriented by the types, we follow [21, 25], and use a presentation of typed lambda-calculus without contexts, which makes the reduction rules clearer. To this end each variable occurrence is labelled by its type, such as $\lambda x^A.x^A$ or $\lambda x^A.y^B$. We sometimes omit the labels and write, for example, $\lambda x^A.x$ for $\lambda x^A.x^A$. As usual, we consider implicit $\alpha$-equivalence on syntactical terms. The type system forbids terms such as $\lambda x^A.x^B$ when $A$ and $B$ are different types, by imposing preconditions to the applicability of the typing rules. Let $S = \{x_1^{A_1}, \ldots, x_n^{A_n}\}$ be a set of variables, we write $S^f$ to express that this set is functional, that is when $x_i = x_j$ implies $A_i = A_j$. For example $\{x^A, y^{A \Rightarrow B}\}^f$, but not $\{x^A, x^{A \Rightarrow B}\}^f$. We write the preconditions of a typing rule at its left.

The sets $FV(r)$ of free variables of $r$, $BV(r)$ of bound variables of $r$ and $V(r) = FV(r) \cup BV(r)$ are defined as usual in the $\lambda$-calculus (cf. [5, §2.1]). For example $V(\lambda x^{A \Rightarrow B \Rightarrow C}.xy^Az^B) = \{x^{A \Rightarrow B \Rightarrow C}, y^A, z^B\}$. We say that a term $r$ is closed whenever $FV(r) = \emptyset$.

Given two terms $r$ and $s$ we denote by $r[s/x]$ the term obtained by simultaneously substituting the term $s$ for all the free occurrences of $x$ in $r$, subject to the usual proviso about renaming bound variables in $r$ to avoid capture of the free variables of $s$.

Lemma 2.1. If r: A and r: B, then A = B. 

Proof. Straightforward structural induction on the typing derivation of r. □ 

The operational semantics of the calculus is given in Table 2, where there are two distinct relations between terms: a symmetric relation $\rightleftarrows$ and a reduction relation $\hookrightarrow$ which includes a labelling $\neg\delta$ or $\delta$. Such a labelling is omitted when it is not necessary to distinguish the rule. Moreover, relation $\hookrightarrow$ is $\hookrightarrow^{\neg\delta} \cup \hookrightarrow^{\delta}$.
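
Symmetric relation:

$r + s \rightleftarrows s + r$ (comm)

$(r + s) + t \rightleftarrows r + (s + t)$ (asso)

$\lambda x^A.(r + s) \rightleftarrows \lambda x^A.r + \lambda x^A.s$ (dist$_{ii}$)

$(r + s)t \rightleftarrows rt + st$ (dist$_{ie}$)

$\pi_{A \Rightarrow B}(\lambda x^A.r) \rightleftarrows \lambda x^A.\pi_B(r)$ (dist$_{ei}$)

If $r : A \Rightarrow (B \wedge C)$, $\pi_{A \Rightarrow B}(r)s \rightleftarrows \pi_B(rs)$ (dist$_{ee}$)

$rst \rightleftarrows r(s + t)$ (curry)

If $A \equiv B$, $r \rightleftarrows r[A/B]$ (subst)

If $r : A \wedge B$ and $s : C \wedge D$, $\pi_{A \wedge C}(r + s) \rightleftarrows \pi_A(r) + \pi_C(s)$ (split)

Reductions:

If $s : A$, $(\lambda x^A.r)s \hookrightarrow^{\neg\delta} r[s/x]$ ($\beta$)

If $r : A$, $\pi_A(r + s) \hookrightarrow^{\neg\delta} r$ ($\pi_n$)

If $r : A$, $\pi_A(r) \hookrightarrow^{\neg\delta} r$ ($\pi_1$)

If $r : A \wedge B$ and $r \not\rightleftarrows^* s + t$, $r \hookrightarrow^{\delta} \pi_A(r) + \pi_B(r)$ ($\delta$)

Contextual rules:

$\dfrac{r \rightleftarrows s}{C[r] \rightleftarrows C[s]}$ $\qquad$ $\dfrac{r \hookrightarrow^{\neg\delta} s}{C[r] \hookrightarrow^{\neg\delta} C[s]}$ $\qquad$ $\dfrac{r \hookrightarrow^{\delta} s \quad C[\cdot] \neq C'[\pi_A(\cdot)]}{C[r] \hookrightarrow^{\delta} C[s]}$

Table 2: Operational semantics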


Type substitution on a term $r$, written $r[A/B]$, is defined by the syntactic substitution of all occurrences of $B$ in $r$ by $A$. We write $\rightleftarrows^*$ and $\hookrightarrow^*$ for the transitive and reflexive closure of $\rightleftarrows$ and $\hookrightarrow$ respectively. Note that $\rightleftarrows^*$ is an equivalence relation. We write for the relation “$\hookrightarrow$ modulo $\rightleftarrows^*$” (i.e. $r$ $s$ iff $r \rightleftarrows^* r' \hookrightarrow s' \rightleftarrows^* s$), and for its reflexive and transitive closure.

Each isomorphism taken as equivalence between types induces an equivalence between terms, given by relation $\rightleftarrows$. Four possible rules exist however for the isomorphism (3), depending on which distribution is taken into account: elimination or introduction of conjunction, and elimination or introduction of implication.

Only two rules in the symmetric relation $\rightleftarrows$ are not a direct consequence of an isomorphism: rules (subst) and (split). The former allows to update the types signature of the Church-style terms. The latter is needed in combination with rule (dist$_{ei}$) when the argument in the projection is not a $\lambda$-abstraction, but a $\lambda$-abstraction plus something else (cf. Example 2.10).

Rule ($\delta$) has been added to deal with curryfication (cf. Example 2.9). Notice that the condition in this rule not only asks for the term to not be a sum, but to not be equivalent to a sum. Lemma 2.4 ensures that the equivalence classes defined by relation $\rightleftarrows^*$, $\{s \mid s \rightleftarrows^* r\}$, are finite, and since the relation is computable, the side condition of ($\delta$) is decidable.

In addition, Lemma 2.4 also implies that every reduction tree is finitely branching.

To prove that for any term $r$, the set $\{s \mid s \rightleftarrows^* r\}$ is finite, one possible way would be to prove that if $r \rightleftarrows s$ then $S(r) = S(s)$ where the size $S(r)$ of a term $r$ is defined as the number of variables and symbols $\lambda$ and $\pi$

• $S(x^A) = 1$,

• $S(\lambda x^A.r) = 1 + S(r)$,

• $S(rs) = S(r) + S(s)$,

• $S(r + s) = S(r) + S(s)$,

• $S(\pi_A(r)) = 1 + S(r)$.

Indeed, the set $\{s \mid s \rightleftarrows^* r\}$ would then be a subset of the set $\{s \mid FV(s) \subseteq FV(r) \text{ and } S(s) = S(r)\}$ which is finite.

Unfortunately, it is not the case that the size $S$ is an invariant for the relation $\rightleftarrows$, as the rule (dist$_{ii}$)

$\lambda x^A.(r + s) \rightleftarrows \lambda x^A.r + \lambda x^A.s$

for instance duplicates the symbol $\lambda$ and the term $\lambda x^A.(x + x)$ is equivalent to $\lambda x^A.x + \lambda x^A.x$, while $S(\lambda x^A.(x + x)) = 3$ and $S(\lambda x^A.x + \lambda x^A.x) = 4$. In the same way, the rule (dist$_{ie}$)

$(r + s)t \rightleftarrows rt + st$

duplicates the term $t$.

However, the number of times the symbol $\lambda$ can be duplicated in the term $\lambda x^A.t$ is bounded by the number of symbols $+$ that the term $t$ may generate. A bound $P(t)$ on this number is easy to define

• $P(x^A) = 0$,

• $P(\lambda x^A.r) = P(r)$,

• $P(rs) = P(r)$,

• $P(r + s) = 1 + P(r) + P(s)$,

• $P(\pi_A(r)) = P(r)$.

and we can define a size-like measure on terms $M$, such that $M(r)$ is a bound on the size of $s$ for $s \rightleftarrows^* r$. For instance $M(\lambda x^A.r)$ is not $1 + M(r)$ but $1 + M(r) + P(r)$, to express that the size of $s$ may be bigger than that of $r$, because a symbol $\lambda$ may be duplicated in $s$, but not much bigger, as it can be duplicated at most $P(r)$ times.

• $M(x^A) = 1$,

• $M(\lambda x^A.r) = 1 + M(r) + P(r)$,

• $M(rs) = M(r) + M(s) + P(r)M(s)$,

• $M(r + s) = M(r) + M(s)$,

• $M(\pi_A(r)) = 1 + M(r) + P(r)$.
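
The three measures can be checked mechanically. The following Python sketch is an added example, not code from the paper: it encodes terms as dataclasses, keeps type labels as opaque strings (the measures never inspect them, so the sample terms are not type-checked), and compares $S$, $P$ and $M$ on both sides of one instance of each symmetric rule except (subst). The class and function names are assumptions of this example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Var:
    name: str
    ty: str


@dataclass(frozen=True)
class Lam:
    var: str
    ty: str
    body: object


@dataclass(frozen=True)
class App:
    fun: object
    arg: object


@dataclass(frozen=True)
class Sum:
    left: object
    right: object


@dataclass(frozen=True)
class Proj:
    ty: str
    body: object


def S(t):
    """Naive size: number of variables and of symbols lambda and pi."""
    if isinstance(t, Var):
        return 1
    if isinstance(t, (Lam, Proj)):
        return 1 + S(t.body)
    if isinstance(t, App):
        return S(t.fun) + S(t.arg)
    return S(t.left) + S(t.right)


def P(t):
    """Bound on the number of + symbols the term may generate."""
    if isinstance(t, Var):
        return 0
    if isinstance(t, (Lam, Proj)):
        return P(t.body)
    if isinstance(t, App):
        return P(t.fun)
    return 1 + P(t.left) + P(t.right)


def M(t):
    """Size-like measure that accounts for duplications under the rules."""
    if isinstance(t, Var):
        return 1
    if isinstance(t, (Lam, Proj)):
        return 1 + M(t.body) + P(t.body)
    if isinstance(t, App):
        return M(t.fun) + M(t.arg) + P(t.fun) * M(t.arg)
    return M(t.left) + M(t.right)


def rule_instances(r, s, t):
    """Left and right sides of each symmetric rule, built from r, s, t."""
    def lam(body):
        return Lam("z", "A", body)
    return {
        "comm": (Sum(r, s), Sum(s, r)),
        "asso": (Sum(Sum(r, s), t), Sum(r, Sum(s, t))),
        "dist_ii": (lam(Sum(r, s)), Sum(lam(r), lam(s))),
        "dist_ie": (App(Sum(r, s), t), Sum(App(r, t), App(s, t))),
        "dist_ei": (Proj("A=>B", lam(r)), lam(Proj("B", r))),
        "dist_ee": (App(Proj("A=>B", r), s), Proj("B", App(r, s))),
        "curry": (App(App(r, s), t), App(r, Sum(s, t))),
        "split": (Proj("A&C", Sum(r, s)), Sum(Proj("A", r), Proj("C", s))),
    }


def invariance_report(r, s, t):
    """For each rule, record whether S, P and M agree on both sides."""
    report = {}
    for name, (lhs, rhs) in rule_instances(r, s, t).items():
        report[name] = {f.__name__: f(lhs) == f(rhs) for f in (S, P, M)}
    return report


# Constructed sample subterms: x, \y.(y + y) and x x.
x = Var("x", "A")
y = Var("y", "A")
SAMPLE = (x, Lam("y", "A", Sum(y, y)), App(x, x))

if __name__ == "__main__":
    for name, row in invariance_report(*SAMPLE).items():
        print(name, row)
```

On these sample terms $P$ and $M$ agree on every rule, while $S$ changes under dist_ii, dist_ie and also split, since split duplicates the symbol $\pi$.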

Prior to stating and proving Lemma 2.4, we need the following two auxiliary lemmas, showing that $P(t)$ and $M(t)$ are invariant with respect to $\rightleftarrows$ (Lemmas 2.2 and 2.3 respectively).

Lemma 2.2. If $r \rightleftarrows s$ then $P(r) = P(s)$.

Proof.

$r + s \rightleftarrows s + r$: $P(r + s) = 1 + P(r) + P(s) = P(s + r)$.

$(r + s) + t \rightleftarrows r + (s + t)$: $P((r + s) + t) = 1 + P(r + s) + P(t) = 2 + P(r) + P(s) + P(t) = 1 + P(r) + P(s + t) = P(r + (s + t))$.

$\lambda x^A.(r + s) \rightleftarrows \lambda x^A.r + \lambda x^A.s$: $P(\lambda x^A.(r + s)) = P(r + s) = 1 + P(r) + P(s) = 1 + P(\lambda x^A.r) + P(\lambda x^A.s) = P(\lambda x^A.r + \lambda x^A.s)$.

$(r + s)t \rightleftarrows rt + st$: $P((r + s)t) = P(r + s) = 1 + P(r) + P(s) = 1 + P(rt) + P(st) = P(rt + st)$.

$\pi_{A \Rightarrow B}(\lambda x^A.r) \rightleftarrows \lambda x^A.\pi_B(r)$: $P(\pi_{A \Rightarrow B}(\lambda x^A.r)) = P(\lambda x^A.r) = P(r) = P(\pi_B(r)) = P(\lambda x^A.\pi_B(r))$.

$\pi_{A \Rightarrow B}(r)s \rightleftarrows \pi_B(rs)$: $P(\pi_{A \Rightarrow B}(r)s) = P(\pi_{A \Rightarrow B}(r)) = P(r) = P(rs) = P(\pi_B(rs))$.

$(rs)t \rightleftarrows r(s + t)$: $P((rs)t) = P(rs) = P(r) = P(r(s + t))$.

$r \rightleftarrows r[A/B]$: $P(r) = P(r[A/B])$.

$\pi_{A \wedge C}(r + s) \rightleftarrows \pi_A(r) + \pi_C(s)$: $P(\pi_{A \wedge C}(r + s)) = P(r + s) = 1 + P(r) + P(s) = 1 + P(\pi_A(r)) + P(\pi_C(s)) = P(\pi_A(r) + \pi_C(s))$.

$C[r] \rightleftarrows C[s]$ with $r \rightleftarrows s$: Straightforward case by case on the structure of $C[\cdot]$. For example, let $C[\cdot] = C'[\cdot] + t$, then $P(C[r]) = 1 + P(C'[r]) + P(t)$, which, by the induction hypothesis, is equal to $1 + P(C'[s]) + P(t) = P(C[s])$. □

Lemma 2.3. If $r \rightleftarrows s$ then $M(r) = M(s)$.

Proof. We proceed by structural induction on relation $\rightleftarrows$.

$r + s \rightleftarrows s + r$: $M(r + s) = M(r) + M(s) = M(s + r)$.

$(r + s) + t \rightleftarrows r + (s + t)$: $M((r + s) + t) = M(r) + M(s) + M(t) = M(r + (s + t))$.

$\lambda x^A.(r + s) \rightleftarrows \lambda x^A.r + \lambda x^A.s$: $M(\lambda x^A.(r + s)) = 2 + M(r) + M(s) + P(r) + P(s) = M(\lambda x^A.r + \lambda x^A.s)$.

$(r + s)t \rightleftarrows rt + st$: $M((r + s)t) = M(r + s) + M(t) + P(r + s)M(t) = M(r) + M(s) + 2M(t) + P(r)M(t) + P(s)M(t) = M(rt) + M(st) = M(rt + st)$.

$\pi_{A \Rightarrow B}(\lambda x^A.r) \rightleftarrows \lambda x^A.\pi_B(r)$: $M(\pi_{A \Rightarrow B}(\lambda x^A.r)) = 1 + M(\lambda x^A.r) + P(\lambda x^A.r) = 2 + M(r) + 2P(r) = M(\lambda x^A.\pi_B(r))$.

$\pi_{A \Rightarrow B}(r)s \rightleftarrows \pi_B(rs)$: $M(\pi_{A \Rightarrow B}(r)s) = M(\pi_{A \Rightarrow B}(r)) + M(s) + P(\pi_{A \Rightarrow B}(r))M(s) = 1 + M(r) + P(r) + M(s) + P(r)M(s) = 1 + M(rs) + P(rs) = M(\pi_B(rs))$.

$(rs)t \rightleftarrows r(s + t)$: $M((rs)t) = M(rs) + M(t) + P(rs)M(t) = M(r) + M(s) + P(r)M(s) + M(t) + P(r)M(t) = M(r) + M(s + t) + P(r)M(s + t) = M(r(s + t))$.

$r \rightleftarrows r[A/B]$: $M(r) = M(r[A/B])$.

$\pi_{A \wedge C}(r + s) \rightleftarrows \pi_A(r) + \pi_C(s)$: $M(\pi_{A \wedge C}(r + s)) = 1 + M(r + s) + P(r + s) = 1 + M(r) + M(s) + 1 + P(r) + P(s) = M(\pi_A(r)) + M(\pi_C(s)) = M(\pi_A(r) + \pi_C(s))$.

$C[r] \rightleftarrows C[s]$ with $r \rightleftarrows s$: Straightforward case by case on the structure of $C[\cdot]$. For example, let $C[\cdot] = \lambda x^A.C'[\cdot]$, then $M(C[r]) = 1 + M(C'[r]) + P(C'[r])$, which, by the induction hypothesis, is equal to $1 + M(C'[s]) + P(C'[r])$, and this, by Lemma 2.2, is equal to $1 + M(C'[s]) + P(C'[s]) = M(C[s])$. □

Lemma 2.4. For any term $r$, the set $\{s \mid s \rightleftarrows^* r\}$ is finite (modulo $\alpha$-equivalence).

Proof. As $\{s \mid s \rightleftarrows^* r\} \subseteq \{s \mid FV(s) = FV(r) \text{ and } M(s) = M(r)\} \subseteq \{s \mid FV(s) \subseteq FV(r) \text{ and } M(s) \leq M(r)\}$, all we need to prove is that for all natural numbers $n$, for all finite sets of variables $F$, the set $H(n, F) = \{s \mid FV(s) \subseteq F \text{ and } M(s) \leq n\}$ is finite.

We first prove by induction on $s$ that $M(s) \geq 1$ and then the property by induction on $n$. For $n = 1$ the set $\{s \mid FV(s) \subseteq F \text{ and } M(s) \leq 1\}$ contains only the variables of $F$. Assume the property is proved for $n$, then $H(n + 1, F)$ is a subset of the finite set containing the variables of $F$, the abstractions $(\lambda x^A.r)$ for $r$ in $H(n, F \cup \{x^A\})$, the applications $(rs)$ for $r$ and $s$ in $H(n, F)$, the sums $r + s$ for $r$ and $s$ in $H(n, F)$, the projections $\pi_A(r)$ for $r$ in $H(n, F)$. □

2.2. Examples 

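Example 2.5. Let $s : A$ and $t : B$. Then $\pi_{B \Rightarrow A}((\lambda x^{A \wedge B}.x)s)t : A$, with the following derivation, read from top to bottom:

$\lambda x^{A \wedge B}.x : (A \wedge B) \Rightarrow (A \wedge B)$

$\lambda x^{A \wedge B}.x : A \Rightarrow B \Rightarrow (A \wedge B)$ $\qquad$ $s : A$

$(\lambda x^{A \wedge B}.x)s : B \Rightarrow (A \wedge B)$

$(\lambda x^{A \wedge B}.x)s : (B \Rightarrow A) \wedge (B \Rightarrow B)$

$\pi_{B \Rightarrow A}((\lambda x^{A \wedge B}.x)s) : B \Rightarrow A$ $\qquad$ $t : B$

$\pi_{B \Rightarrow A}((\lambda x^{A \wedge B}.x)s)t : A$

The reduction is as follows:

$\pi_{B \Rightarrow A}((\lambda x^{A \wedge B}.x)s)t \rightleftarrows \pi_A((\lambda x^{A \wedge B}.x)st) \rightleftarrows \pi_A((\lambda x^{A \wedge B}.x)(s + t)) \hookrightarrow \pi_A(s + t) \hookrightarrow s$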

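Example 2.6. Let $r : A$, $s : B$. Then $(\lambda x^A.\lambda y^B.x)(r + s) \rightleftarrows (\lambda x^A.\lambda y^B.x)rs \hookrightarrow^* r$. However, if $A \equiv B$, it is also possible to reduce in the following way

$(\lambda x^A.\lambda y^B.x)(r + s) \rightleftarrows (\lambda x^A.\lambda y^A.x)(r + s)$

$\rightleftarrows (\lambda x^A.\lambda y^A.x)(s + r)$

$\rightleftarrows (\lambda x^A.\lambda y^A.x)sr$

$\hookrightarrow^* s$

Hence, the encoding of the projector also behaves non-deterministically.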
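
Example 2.7. Let $TF = \lambda x^A.\lambda y^B.(x + y)$. Then, reading the derivation from top to bottom,

$\lambda y^B.(x + y) : B \Rightarrow (A \wedge B)$

$TF : A \Rightarrow B \Rightarrow (A \wedge B)$

$TF : (A \Rightarrow B \Rightarrow A) \wedge (A \Rightarrow B \Rightarrow B)$

$\pi_{A \Rightarrow B \Rightarrow A}(TF) : A \Rightarrow B \Rightarrow A$

Then, if $r : A$ and $s : B$, we have $\pi_{A \Rightarrow B \Rightarrow A}(TF)rs : A$. Notice that

$\pi_{A \Rightarrow B \Rightarrow A}(TF)rs \rightleftarrows \pi_{B \Rightarrow A}(TF\,r)s \rightleftarrows \pi_A(TF\,rs) \hookrightarrow^* \pi_A(r + s) \hookrightarrow r$

Example 2.8. Let $T = \lambda x^A.\lambda y^B.x$ and $F = \lambda x^A.\lambda y^B.y$. Then

$T : A \Rightarrow B \Rightarrow A$ $\qquad$ $F : A \Rightarrow B \Rightarrow B$ $\quad$ ($\wedge_i$)

$T + F : (A \Rightarrow B \Rightarrow A) \wedge (A \Rightarrow B \Rightarrow B)$ $\qquad$ $TF : (A \Rightarrow B \Rightarrow A) \wedge (A \Rightarrow B \Rightarrow B)$

$T + F + TF : ((A \Rightarrow B \Rightarrow A) \wedge (A \Rightarrow B \Rightarrow B)) \wedge ((A \Rightarrow B \Rightarrow A) \wedge (A \Rightarrow B \Rightarrow B))$

Hence $\pi_{(A \Rightarrow B \Rightarrow A) \wedge (A \Rightarrow B \Rightarrow B)}(T + F + TF)$ is well typed and reduces non-deterministically either to $T + F$ or to $TF$. Moreover, notice that $T + F$ and $TF$ are observationally equivalent, that is, $(T + F)rs$ and $TF\,rs$ both reduce to the same term $(r + s)$. Hence in this very particular case, the non-deterministic choice does not play any role. We will come back to the encoding of booleans on this calculus in Section 4.3.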


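Example 2.9. Let $r : C$. Then

$\lambda x^{(A \wedge B) \Rightarrow A}.\lambda y^{(A \wedge B) \Rightarrow B}.r : ((A \wedge B) \Rightarrow A) \Rightarrow ((A \wedge B) \Rightarrow B) \Rightarrow C$

and since $((A \wedge B) \Rightarrow A) \Rightarrow ((A \wedge B) \Rightarrow B) \Rightarrow C \equiv ((A \wedge B) \Rightarrow (A \wedge B)) \Rightarrow C$, we also can derive

$\lambda x^{(A \wedge B) \Rightarrow A}.\lambda y^{(A \wedge B) \Rightarrow B}.r : ((A \wedge B) \Rightarrow (A \wedge B)) \Rightarrow C$

Hence,

$(\lambda x^{(A \wedge B) \Rightarrow A}.\lambda y^{(A \wedge B) \Rightarrow B}.r)(\lambda z^{A \wedge B}.z) : C$

The reduction is as follows:

$(\lambda x^{(A \wedge B) \Rightarrow A}.\lambda y^{(A \wedge B) \Rightarrow B}.r)(\lambda z^{A \wedge B}.z)$

$\hookrightarrow^{\delta} (\lambda x^{(A \wedge B) \Rightarrow A}.\lambda y^{(A \wedge B) \Rightarrow B}.r)(\pi_{(A \wedge B) \Rightarrow A}(\lambda z^{A \wedge B}.z) + \pi_{(A \wedge B) \Rightarrow B}(\lambda z^{A \wedge B}.z))$

$\rightleftarrows (\lambda x^{(A \wedge B) \Rightarrow A}.\lambda y^{(A \wedge B) \Rightarrow B}.r)\,\pi_{(A \wedge B) \Rightarrow A}(\lambda z^{A \wedge B}.z)\,\pi_{(A \wedge B) \Rightarrow B}(\lambda z^{A \wedge B}.z)$

$\hookrightarrow^* r[\pi_{(A \wedge B) \Rightarrow A}(\lambda z^{A \wedge B}.z)/x][\pi_{(A \wedge B) \Rightarrow B}(\lambda z^{A \wedge B}.z)/y]$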
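
Example 2.10. Let $r : C$. Then, reading the derivation from top to bottom,

$x^{A \wedge B} : A \wedge B$ $\quad$ (ax)

$\lambda x^{A \wedge B}.x : (A \wedge B) \Rightarrow (A \wedge B)$ $\qquad$ $r : C$

$(\lambda x^{A \wedge B}.x) + r : ((A \wedge B) \Rightarrow (A \wedge B)) \wedge C$

$(\lambda x^{A \wedge B}.x) + r : ((A \wedge B) \Rightarrow A) \wedge C \wedge ((A \wedge B) \Rightarrow B)$

$\pi_{((A \wedge B) \Rightarrow A) \wedge C}((\lambda x^{A \wedge B}.x) + r) : ((A \wedge B) \Rightarrow A) \wedge C$

The reduction is as follows:

$\pi_{((A \wedge B) \Rightarrow A) \wedge C}((\lambda x^{A \wedge B}.x) + r) \rightleftarrows \pi_{(A \wedge B) \Rightarrow A}(\lambda x^{A \wedge B}.x) + \pi_C(r)$

$\hookrightarrow \pi_{(A \wedge B) \Rightarrow A}(\lambda x^{A \wedge B}.x) + r$

$\rightleftarrows (\lambda x^{A \wedge B}.\pi_A(x)) + r$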

2.3. Subject Reduction 

Our system has the subject reduction property, that is, the set of types assigned to a term is invariant under $\rightleftarrows$ and $\hookrightarrow$. Before proving subject reduction, we need the following results.

Lemma 2.11 (Generation Lemmas).

1. If $x^A : B$, then $A \equiv B$.

2. If $\lambda x^A.r : B$, then $B \equiv A \Rightarrow C$, $r : C$ and $(V(r) \cup \{x^A\})^f$.

3. If $rs : B$, then $r : A \Rightarrow B$ and $s : A$.

4. If $r + s : A$, then $A \equiv B \wedge C$ with $r : B$ and $s : C$.

5. If $\pi_A(r) : B$, then $A \equiv B$ and ($r : B$ or $r : B \wedge C$).

Proof. The proof follows by a straightforward induction on the typing derivation. To notice that such an induction is straightforward, it suffices to realize that the only typing rule not changing the term is ($\equiv$). For example, if $\lambda x^A.r : B$, then the only way to type this term is either by rule ($\Rightarrow_i$), and so $B = A \Rightarrow C$ for some $C$, $r : C$ and $(V(r) \cup \{x^A\})^f$, or by rule ($\equiv$), and so the induction hypothesis applies and $B \equiv A \Rightarrow C$. □

In the remainder of this paper, we may use Lemma 2.11 implicitly.

Lemma 2.12 (Substitution Lemma). If $r : A$, $s : B$ and $(V(r) \cup \{x^B\})^f$, then $r[s/x^B] : A$.

Proof. We proceed by structural induction on $r$.

• Let $r = x^A$. Since $(V(x^A) \cup \{x^B\})^f$ implies $A \equiv B$, we have $s : A$. Notice that $x^A[s/x^A] = s$, so $x^A[s/x^B] : A$.

• Let $r = y^A$, with $y \neq x$. Notice that $y^A[s/x^B] = y^A$, so $y^A[s/x^B] : A$.

• Let $r = \lambda y^C.r'$. Then $A \equiv C \Rightarrow D$, with $r' : D$. By the induction hypothesis $r'[s/x^B] : D$, and so, by rule ($\Rightarrow_i$), $\lambda y^C.r'[s/x^B] : C \Rightarrow D$. Since $\lambda y^C.r'[s/x^B] = (\lambda y^C.r')[s/x^B]$, using rule ($\equiv$), $(\lambda y^C.r')[s/x^B] : A$.

• Let $r = r_1r_2$. Then $r_1 : C \Rightarrow A$ and $r_2 : C$. By the induction hypothesis $r_1[s/x^B] : C \Rightarrow A$ and $r_2[s/x^B] : C$, and so, by rule ($\Rightarrow_e$), $(r_1[s/x^B])(r_2[s/x^B]) : A$. Since $(r_1[s/x^B])(r_2[s/x^B]) = (r_1r_2)[s/x^B]$, we have $(r_1r_2)[s/x^B] : A$.

• Let $r = r_1 + r_2$. Then $r_1 : A_1$ and $r_2 : A_2$, with $A \equiv A_1 \wedge A_2$. By the induction hypothesis $r_1[s/x^B] : A_1$ and $r_2[s/x^B] : A_2$, and so, by rule ($\wedge_i$), $(r_1[s/x^B]) + (r_2[s/x^B]) : A_1 \wedge A_2$. Since $(r_1[s/x^B]) + (r_2[s/x^B]) = (r_1 + r_2)[s/x^B]$, using rule ($\equiv$), we have $(r_1 + r_2)[s/x^B] : A$.

• Let $r = \pi_A(r')$. Then either $r' : A$, or $r' : A \wedge C$. By the induction hypothesis, either $r'[s/x^B] : A$ or $r'[s/x^B] : A \wedge C$. In any case, either by rule ($\wedge_{e_1}$) or ($\wedge_{e_n}$), $\pi_A(r'[s/x^B]) : A$. Since $\pi_A(r'[s/x^B]) = \pi_A(r')[s/x^B]$, we have $\pi_A(r')[s/x^B] : A$. □

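Theorem 2.13 (Subject reduction). If $r : A$ and $r \hookrightarrow s$ or $r \rightleftarrows s$ then $s : A$.

Proof. We proceed by induction on the rewrite relation. In each case the derivation is read from top to bottom.

$r + s \rightleftarrows s + r$: If $r + s : A$, then $A \equiv A_1 \wedge A_2 \equiv A_2 \wedge A_1$, with $r : A_1$ and $s : A_2$. Then,

$s + r : A_2 \wedge A_1$

$s + r : A$

$(r + s) + t \rightleftarrows r + (s + t)$:

($\rightarrow$) If $(r + s) + t : A$, then $A \equiv (A_1 \wedge A_2) \wedge A_3 \equiv A_1 \wedge (A_2 \wedge A_3)$, with $r : A_1$, $s : A_2$ and $t : A_3$. Then,

$r : A_1$ $\qquad$ $s + t : A_2 \wedge A_3$

$r + (s + t) : A_1 \wedge (A_2 \wedge A_3)$

$r + (s + t) : A$

($\leftarrow$) Analogous to ($\rightarrow$).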

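$\lambda x^B.(r + s) \rightleftarrows \lambda x^B.r + \lambda x^B.s$:

($\rightarrow$) If $\lambda x^B.(r + s) : A$, then $A \equiv B \Rightarrow (C_1 \wedge C_2) \equiv (B \Rightarrow C_1) \wedge (B \Rightarrow C_2)$, with $r : C_1$ and $s : C_2$. Then,

$\lambda x^B.r : B \Rightarrow C_1$ $\qquad$ $\lambda x^B.s : B \Rightarrow C_2$ $\quad$ ($\wedge_i$)

$\lambda x^B.r + \lambda x^B.s : (B \Rightarrow C_1) \wedge (B \Rightarrow C_2)$ $\quad$ ($\equiv$)

$\lambda x^B.r + \lambda x^B.s : A$

($\leftarrow$) If $\lambda x^B.r + \lambda x^B.s : A$, then $A \equiv (B \Rightarrow C_1) \wedge (B \Rightarrow C_2) \equiv B \Rightarrow (C_1 \wedge C_2)$, with $r : C_1$ and $s : C_2$. Then,

$r : C_1$ $\qquad$ $s : C_2$

$r + s : C_1 \wedge C_2$

$\lambda x^B.(r + s) : B \Rightarrow (C_1 \wedge C_2)$

$\lambda x^B.(r + s) : A$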


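$(r + s)t \rightleftarrows rt + st$:

($\rightarrow$) If $(r + s)t : A$, then $r + s : B \Rightarrow A$, and $t : B$. Hence $A \equiv A_1 \wedge A_2$, with $r : B \Rightarrow A_1$ and $s : B \Rightarrow A_2$. Then,

$r : B \Rightarrow A_1$ $\qquad$ $t : B$ $\qquad$ $s : B \Rightarrow A_2$ $\qquad$ $t : B$ $\quad$ ($\Rightarrow_e$)

$rt : A_1$ $\qquad$ $st : A_2$ $\quad$ ($\wedge_i$)

$rt + st : A_1 \wedge A_2$ $\quad$ ($\equiv$)

$rt + st : A$

($\leftarrow$) If $rt + st : A$, then $A \equiv A_1 \wedge A_2$ with $r : B \Rightarrow A_1$, $s : B' \Rightarrow A_2$, $t : B$ and $t : B'$. By Lemma 2.1, $B \equiv B'$. Then

$s : B' \Rightarrow A_2$

$r : B \Rightarrow A_1$ $\qquad$ $s : B \Rightarrow A_2$

$r + s : (B \Rightarrow A_1) \wedge (B \Rightarrow A_2)$

$r + s : B \Rightarrow (A_1 \wedge A_2)$ $\qquad$ $t : B$

$(r + s)t : A_1 \wedge A_2$

$(r + s)t : A$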


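$\pi_{B \Rightarrow C}(\lambda x^B.r) \rightleftarrows \lambda x^B.\pi_C(r)$:

($\rightarrow$) If $\pi_{B \Rightarrow C}(\lambda x^B.r) : A$, then $A \equiv B \Rightarrow C$ and either $\lambda x^B.r : B \Rightarrow (C \wedge D)$ or $\lambda x^B.r : B \Rightarrow C$. Hence either $r : C \wedge D$, or $r : C$. In any case, either by rule ($\wedge_{e_1}$) or ($\wedge_{e_n}$), $\pi_C(r) : C$, so

$\lambda x^B.\pi_C(r) : B \Rightarrow C$

$\lambda x^B.\pi_C(r) : A$

($\leftarrow$) If $\lambda x^B.\pi_C(r) : A$, then $A \equiv B \Rightarrow C$ and $\pi_C(r) : C$, so either $r : C \wedge D$ or $r : C$. Hence, either

$r : C \wedge D$

$\lambda x^B.r : B \Rightarrow (C \wedge D)$

$\lambda x^B.r : (B \Rightarrow C) \wedge (B \Rightarrow D)$

$\pi_{B \Rightarrow C}(\lambda x^B.r) : B \Rightarrow C$

$\pi_{B \Rightarrow C}(\lambda x^B.r) : A$

or

$r : C$

$\lambda x^B.r : B \Rightarrow C$

$\pi_{B \Rightarrow C}(\lambda x^B.r) : B \Rightarrow C$

$\pi_{B \Rightarrow C}(\lambda x^B.r) : A$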
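
$\pi_{B \Rightarrow C}(r)s \rightleftarrows \pi_C(rs)$ with $r : B \Rightarrow (C \wedge D)$: Then $s : B$.

($\rightarrow$) If $\pi_{B \Rightarrow C}(r)s : A$, then $A \equiv C$.

$r : B \Rightarrow (C \wedge D)$ $\qquad$ $s : B$ $\quad$ ($\Rightarrow_e$)

$rs : C \wedge D$

$\pi_C(rs) : C$

$\pi_C(rs) : A$

($\leftarrow$) If $\pi_C(rs) : A$, then $A \equiv C$.

$r : B \Rightarrow (C \wedge D)$

$r : (B \Rightarrow C) \wedge (B \Rightarrow D)$

$\pi_{B \Rightarrow C}(r) : B \Rightarrow C$ $\qquad$ $s : B$

$\pi_{B \Rightarrow C}(r)s : C$

$\pi_{B \Rightarrow C}(r)s : A$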


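$rst \rightleftarrows r(s + t)$:

($\rightarrow$) If $rst : A$, then $r : B \Rightarrow C \Rightarrow A \equiv (B \wedge C) \Rightarrow A$, $s : B$ and $t : C$. Then,

$r : B \Rightarrow C \Rightarrow A$ $\qquad$ $s : B$ $\qquad$ $t : C$ $\quad$ ($\wedge_i$)

$r : (B \wedge C) \Rightarrow A$ $\qquad$ $s + t : B \wedge C$

$r(s + t) : A$

($\leftarrow$) If $r(s + t) : A$, then $r : (B \wedge C) \Rightarrow A \equiv B \Rightarrow C \Rightarrow A$, $s : B$ and $t : C$. Then

$r : (B \wedge C) \Rightarrow A$

$r : B \Rightarrow C \Rightarrow A$ $\qquad$ $s : B$

$rs : C \Rightarrow A$ $\qquad$ $t : C$ $\quad$ ($\Rightarrow_e$)

$rst : A$

$r \rightleftarrows r[B/C]$ with $B \equiv C$: If $r : A$, since $A \equiv A[B/C]$, a straightforward induction on $r$ allows to prove $r[B/C] : A$.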

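$\pi_{B \wedge D}(r + s) \rightleftarrows \pi_B(r) + \pi_D(s)$ with $r : B \wedge C$ and $s : D \wedge E$:

($\rightarrow$) If $\pi_{B \wedge D}(r + s) : A$ then $A \equiv B \wedge D$. Then

$r : B \wedge C$ $\qquad$ $s : D \wedge E$

$\pi_B(r) : B$ $\qquad$ $\pi_D(s) : D$

$\pi_B(r) + \pi_D(s) : A$

($\leftarrow$) If $\pi_B(r) + \pi_D(s) : A$, then $A \equiv B \wedge D$. Then

$r : B \wedge C$ $\qquad$ $s : D \wedge E$ $\quad$ ($\wedge_i$)

$r + s : (B \wedge C) \wedge (D \wedge E)$

$r + s : (B \wedge D) \wedge (C \wedge E)$

$\pi_{B \wedge D}(r + s) : B \wedge D$ $\quad$ ($\equiv$)

$\pi_{B \wedge D}(r + s) : A$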

$(\lambda x^B.r)s \hookrightarrow r[s/x]$ with $s : B$: If $(\lambda x^B.r)s : A$, then $\lambda x^B.r : B \Rightarrow A$ and $s : B$, and so $r : A$ and $(V(r) \cup \{x^B\})^f$. Then by Lemma 2.12, $r[s/x^B] : A$.

$\pi_B(r + s) \hookrightarrow r$ with $r : B$: If $\pi_B(r + s) : A$, then $A \equiv B$, and so, by rule ($\equiv$), $r : A$.

$\pi_B(r) \hookrightarrow r$ with $r : B$: If $\pi_B(r) : A$, then $A \equiv B$, and so, by rule ($\equiv$), $r : A$.

$r \hookrightarrow \pi_B(r) + \pi_C(r)$ with $r \not\rightleftarrows^* r_1 + r_2$ and $r : B \wedge C$: If $r : A$ then $A \equiv B \wedge C$. Then

$\pi_B(r) : B$ $\qquad$ $\pi_C(r) : C$

$\pi_B(r) + \pi_C(r) : B \wedge C$

$\pi_B(r) + \pi_C(r) : A$


Contextual cases. Let $t \to r$, where $\to$ is either $\rightleftarrows$ or $\hookrightarrow$.

$\lambda x^B.t \to \lambda x^B.r$: If $\lambda x^B.t : A$, then $A \equiv B \Rightarrow C$ and $t : C$, hence by the induction hypothesis, $r : C$ and so $\lambda x^B.r : B \Rightarrow C \equiv A$.

$ts \to rs$: If $ts : A$ then $t : B \Rightarrow A$ and $s : B$, hence by the induction hypothesis, $r : B \Rightarrow A$ and so $rs : A$.

$st \to sr$: If $st : A$ then $s : B \Rightarrow A$ and $t : B$, hence by the induction hypothesis $r : B$ and so $sr : A$.

$t + s \to r + s$: If $t + s : A$ then $A \equiv A_1 \wedge A_2$ where $t : A_1$ and $s : A_2$, hence by the induction hypothesis, $r : A_1$ and so $r + s : A_1 \wedge A_2 \equiv A$.

$s + t \to s + r$: Analogous to previous case.

$\pi_B(t) \to \pi_B(r)$: If $\pi_B(t) : A$ then $A \equiv B$ and $t : B \wedge C$ or $t : B$, hence by the induction hypothesis $r : B \wedge C$ or $r : B$, in any case, $\pi_B(r) : B \equiv A$. □


3. Strong Normalisation and Normal Forms 

3.1. Strong Normalisation 

Now we prove the strong normalisation property. In our setting, strong normalisation means that every reduction sequence fired from a typed term eventually terminates in a term in normal form modulo $\rightleftarrows^*$. In other words, no $\hookrightarrow$ reduction can be fired from it, even after $\rightleftarrows$ steps. Formally, we define Red(r) = {s | r s}. Hence, a term $r$ is in normal form if $Red(r) = \emptyset$. When $r$ is strongly normalising, we write $|r|$ for the maximum number of steps needed to get a normal form of $r$. We denote by SN the set of strongly normalising terms.

We use the notation $(A_i)_{i=1}^{n} \Rightarrow B$ for $A_1 \Rightarrow \cdots \Rightarrow A_n \Rightarrow B$, with the convention that $(A_i)_{i=1}^{0} \Rightarrow B = B$. In addition, we write $\vec{s}$ for $s_1 \ldots s_n$.

The normalisation proof is based on the representation lemma for types (Lemma 3.4), for which we define conjunction-free types as follows.

Definition 3.1. A conjunction-free type is a type without conjunctions, which can be produced by the following grammar:

$S, R, T ::= \tau \mid S \Rightarrow R$

The canonical form of a type, written $can(A)$, is a conjunction of conjunction-free types, and it is defined inductively by

$can(\tau) = \tau$

$can(A \wedge B) = can(A) \wedge can(B)$

$can(A \Rightarrow B) = \text{let } \bigwedge_{i=1}^{n} S_i = can(A) \text{ in let } \bigwedge_{j=1}^{m} R_j = can(B) \text{ in } \bigwedge_{j=1}^{m} \left((S_i)_{i=1}^{n} \Rightarrow R_j\right)$

Example 3.2. $can((S_1 \wedge S_2) \Rightarrow (S_1 \wedge S_2)) = (S_1 \Rightarrow S_2 \Rightarrow S_1) \wedge (S_1 \Rightarrow S_2 \Rightarrow S_2)$

Lemma 3.3. For any $A$, $A \equiv can(A)$.

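Proof. We proceed by structural induction on $A$.

• Let $A = \tau$. Then $A = can(A)$.

• Let $A = B \wedge C$. By the induction hypothesis $B \equiv can(B)$ and $C \equiv can(C)$, hence $A \equiv can(B) \wedge can(C) = can(B \wedge C) = can(A)$.

• Let $A = B \Rightarrow C$. By the induction hypothesis $B \equiv \bigwedge_{i=1}^{n} S_i$ and $C \equiv \bigwedge_{j=1}^{m} R_j$, so $A \equiv (\bigwedge_{i=1}^{n} S_i) \Rightarrow (\bigwedge_{j=1}^{m} R_j) \equiv \bigwedge_{j=1}^{m} \left((\bigwedge_{i=1}^{n} S_i) \Rightarrow R_j\right)$ which is finally equivalent to $\bigwedge_{j=1}^{m} (S_i)_{i=1}^{n} \Rightarrow R_j$. □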

Lemma 3.4. For any A, can(A) = A?=i r > n — 1 and\/i,m,i > 

0. J 

Proof. We proceed by structural induction on A. 

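• $A = \tau$. Then take $n = 1$ and $m_1 = 0$.

• $A = B \wedge C$. By the induction hypothesis $\mathrm{can}(B) = \bigwedge_{i=1}^k ((S_{ij})_{j=1}^{m_i} \Rightarrow \tau)$
and $\mathrm{can}(C) = \bigwedge_{i=k+1}^n ((S_{ij})_{j=1}^{m_i} \Rightarrow \tau)$, so $\mathrm{can}(B \wedge C) = \mathrm{can}(B) \wedge \mathrm{can}(C) =
\bigwedge_{i=1}^n ((S_{ij})_{j=1}^{m_i} \Rightarrow \tau)$.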

• A = S =>• C. By the induction hypothesis can(S) = A"=i i =k r 

and can(C) = Aj=i (Rji^Li T - Then we have that can(S =>■ C) = 

Aj=l i(Rik)k—l r )i=l ^ (Rji)im 1 => T = Aj = l 1 =► T ) with 

Tji = (Sjfe)^! =>■ t if i < n, and T# = if i > n. □ 

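Definition 3.5. The interpretation of canonical types is given by

$$\llbracket \bigwedge_{i=1}^n ((S_{ij})_{j=1}^{m_i} \Rightarrow \tau) \rrbracket = \{ r \mid \forall i, [\text{for } j = 1, \dots, m_i,\ s_{ij} \in \llbracket S_{ij} \rrbracket \text{ implies } \pi_{(S_{ij})_{j=1}^{m_i} \Rightarrow \tau}(r)\vec{s}_i \in \mathrm{SN}] \}$$

where $n \geq 1$, and $m_i \geq 0$.

The interpretation of a general type $A$ is defined by $\llbracket \mathrm{can}(A) \rrbracket$.

In order to prove that equivalent types have the same interpretation (Corollary 3.10),
we need first the following intermediate results.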

Definition 3.6. Let $\mathrm{can}^{lo}(A)$ be defined similarly to $\mathrm{can}(A)$, except that
each time there is a conjunction, it is taken in quasi-lexicographic order (that
is, strings are ordered firstly by length, and then lexicographically), and with
the parentheses associated to the right.

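Example 3.7. Let $S_1 < S_2 < S_3$ and $R_1 < R_2$.

• $\mathrm{can}^{lo}((\tau \Rightarrow \tau) \wedge \tau) = \tau \wedge (\tau \Rightarrow \tau)$.

• $\mathrm{can}^{lo}(\bigwedge_{i=1}^3 S_i) = S_1 \wedge (S_2 \wedge S_3)$.

• $\mathrm{can}^{lo}((S_2 \wedge S_3) \wedge S_1) = S_1 \wedge (S_2 \wedge S_3)$.

• $\mathrm{can}^{lo}((S_2 \wedge S_1) \Rightarrow R) = S_1 \Rightarrow S_2 \Rightarrow R$.

• $\mathrm{can}^{lo}((S_2 \wedge S_1) \Rightarrow (R_1 \wedge R_2)) = (S_1 \Rightarrow S_2 \Rightarrow R_1) \wedge (S_1 \Rightarrow S_2 \Rightarrow R_2)$.

Lemma 3.8. If $A \equiv B$, then $\mathrm{can}^{lo}(A) = \mathrm{can}^{lo}(B)$.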

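Proof. By induction on the equivalence relation.

• $A \wedge B \equiv B \wedge A$. Let $\mathrm{can}^{lo}(A)$ be equal to $\mathrm{can}^{lo}(\bigwedge_{i=1}^n S_i)$ and $\mathrm{can}^{lo}(B)$ equal
to $\mathrm{can}^{lo}(\bigwedge_{j=1}^m R_j)$. Then $\mathrm{can}^{lo}(A \wedge B) = \mathrm{can}^{lo}((\bigwedge_{i=1}^n S_i) \wedge (\bigwedge_{j=1}^m R_j)) =
\mathrm{can}^{lo}(B \wedge A)$.

• $(A \wedge B) \wedge C \equiv A \wedge (B \wedge C)$. Analogous to the previous case.

• $A \Rightarrow (B \wedge C) \equiv (A \Rightarrow B) \wedge (A \Rightarrow C)$. Let $\mathrm{can}^{lo}(A) = \mathrm{can}^{lo}(\bigwedge_{i=1}^n S_i)$,
$\mathrm{can}^{lo}(B) = \mathrm{can}^{lo}(\bigwedge_{j=1}^k R_j)$ and $\mathrm{can}^{lo}(C) = \mathrm{can}^{lo}(\bigwedge_{j=k+1}^m R_j)$, so $\mathrm{can}^{lo}(B \wedge
C) = \mathrm{can}^{lo}(\bigwedge_{j=1}^m R_j)$. Hence, $\mathrm{can}^{lo}(A \Rightarrow (B \wedge C)) = \mathrm{can}^{lo}(\bigwedge_{j=1}^m ((S_i)_{i=1}^n \Rightarrow
R_j)) = \mathrm{can}^{lo}(\mathrm{can}^{lo}(A \Rightarrow B) \wedge \mathrm{can}^{lo}(A \Rightarrow C)) = \mathrm{can}^{lo}((A \Rightarrow B) \wedge (A \Rightarrow C))$.

• $(A \wedge B) \Rightarrow C \equiv A \Rightarrow B \Rightarrow C$. Let $\mathrm{can}^{lo}(A) = \mathrm{can}^{lo}(\bigwedge_{i=1}^k S_i)$, $\mathrm{can}^{lo}(B) =
\mathrm{can}^{lo}(\bigwedge_{i=k+1}^n S_i)$ and $\mathrm{can}^{lo}(C) = \mathrm{can}^{lo}(\bigwedge_{j=1}^m R_j)$. Hence, $\mathrm{can}^{lo}((A \wedge B) \Rightarrow
C) = \mathrm{can}^{lo}(\bigwedge_{j=1}^m ((S_i)_{i=1}^n \Rightarrow R_j))$.

On the other hand, $\mathrm{can}^{lo}(B \Rightarrow C) = \mathrm{can}^{lo}(\bigwedge_{j=1}^m ((S_i)_{i=k+1}^n \Rightarrow R_j))$, so
$\mathrm{can}^{lo}(A \Rightarrow B \Rightarrow C) = \mathrm{can}^{lo}(\bigwedge_{j=1}^m ((S_i)_{i=1}^k \Rightarrow (S_i)_{i=k+1}^n \Rightarrow R_j))$, and notice
that this is equal to $\mathrm{can}^{lo}(\bigwedge_{j=1}^m ((S_i)_{i=1}^n \Rightarrow R_j)) = \mathrm{can}^{lo}((A \wedge B) \Rightarrow C)$.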

• Congruence: 

— Let A = B be a consequence of A = B. Trivial case. 

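- Let $A \equiv C$ be a consequence of $A \equiv B$ and $B \equiv C$. By the induction
hypothesis $\mathrm{can}^{lo}(A) = \mathrm{can}^{lo}(B)$ and $\mathrm{can}^{lo}(B) = \mathrm{can}^{lo}(C)$, hence
$\mathrm{can}^{lo}(A) = \mathrm{can}^{lo}(C)$.

- Let $A \Rightarrow C \equiv B \Rightarrow C$ be a consequence of $A \equiv B$. Let $\mathrm{can}^{lo}(A) =
\mathrm{can}^{lo}(\bigwedge_{i=1}^n S_i)$, and $\mathrm{can}^{lo}(C) = \mathrm{can}^{lo}(\bigwedge_{j=1}^m R_j)$. Then $\mathrm{can}^{lo}(A \Rightarrow
C) = \mathrm{can}^{lo}(\bigwedge_{j=1}^m ((S_i)_{i=1}^n \Rightarrow R_j))$. By the induction hypothesis, we
have that $\mathrm{can}^{lo}(B) = \mathrm{can}^{lo}(\bigwedge_{i=1}^n S_i)$, and hence $\mathrm{can}^{lo}(B \Rightarrow C) =
\mathrm{can}^{lo}(\bigwedge_{j=1}^m ((S_i)_{i=1}^n \Rightarrow R_j)) = \mathrm{can}^{lo}(A \Rightarrow C)$.

- Let $A \wedge C \equiv B \wedge C$ be a consequence of $A \equiv B$. $\mathrm{can}^{lo}(A \wedge C) =
\mathrm{can}^{lo}(\mathrm{can}^{lo}(A) \wedge \mathrm{can}^{lo}(C))$, which by the induction hypothesis, is equal
to $\mathrm{can}^{lo}(\mathrm{can}^{lo}(B) \wedge \mathrm{can}^{lo}(C)) = \mathrm{can}^{lo}(B \wedge C)$. □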
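
The following is an added example, not part of the paper: a small Python implementation of can (Definition 3.1) and of the ordered variant of Definition 3.6, reproducing Examples 3.2 and 3.7 and checking the four isomorphisms treated in the proof of Lemma 3.8. The tuple encoding of types, the use of named atoms in place of the single base type, and the ASCII rendering on which the quasi-lexicographic order is computed are assumptions of this example.

```python
# Added example: can (Definition 3.1) and can^lo (Definition 3.6).
# Assumed encoding (not the paper's): a type is an atom name (str),
# ("and", A, B) or ("imp", A, B). A conjunction-free type is kept in curried
# form as (args, atom), standing for args[0] => ... => args[-1] => atom.
# A canonical form is the list of its conjuncts (read as right-nested).

def And(a, b):
    return ("and", a, b)

def Imp(a, b):
    return ("imp", a, b)

def can(t):
    """Canonical form: the list of conjunction-free conjuncts of t."""
    if isinstance(t, str):
        return [((), t)]
    tag, a, b = t
    if tag == "and":
        return can(a) + can(b)  # can(A /\ B) = can(A) /\ can(B)
    # can(A => B): every S_i of can(A) becomes an argument of every R_j of can(B)
    new_args = tuple(can(a))
    return [(new_args + args, atom) for args, atom in can(b)]

def show(c):
    """ASCII rendering of one conjunction-free type."""
    args, atom = c
    parts = ["(" + show(a) + ")" if a[0] else show(a) for a in args]
    return " => ".join(parts + [atom])

def qlex(c):
    """Quasi-lexicographic key: by length first, then lexicographically."""
    s = show(c)
    return (len(s), s)

def order(c):
    """Sort the arguments of a conjunction-free type, recursively."""
    args, atom = c
    return (tuple(sorted((order(a) for a in args), key=qlex)), atom)

def can_lo(t):
    """can(t) with every conjunction taken in quasi-lexicographic order."""
    return sorted((order(c) for c in can(t)), key=qlex)

def render(conjuncts):
    """Render a list of conjuncts; arrows are parenthesised inside a conjunction."""
    if len(conjuncts) == 1:
        return show(conjuncts[0])
    return " /\\ ".join("(" + show(c) + ")" if c[0] else show(c) for c in conjuncts)

def same_can_lo(a, b):
    """True when a and b have the same ordered canonical form."""
    return can_lo(a) == can_lo(b)

if __name__ == "__main__":
    # Example 3.2, with S1 and S2 taken as atoms (constructed input)
    print(render(can(Imp(And("S1", "S2"), And("S1", "S2")))))
    # Last item of Example 3.7
    print(render(can_lo(Imp(And("S2", "S1"), And("R1", "R2")))))
    # The four isomorphisms of the proof of Lemma 3.8, on constructed types
    A, B, C = "A", Imp("A", "B"), And("B", "C")
    print(same_can_lo(And(A, B), And(B, A)),
          same_can_lo(And(And(A, B), C), And(A, And(B, C))),
          same_can_lo(Imp(A, And(B, C)), And(Imp(A, B), Imp(A, C))),
          same_can_lo(Imp(And(A, B), C), Imp(A, Imp(B, C))))
```

Since the calculus has no idempotence isomorphism, the conjuncts are kept as a list with repetitions, so `And("A", "A")` and `"A"` have different canonical forms.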

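Lemma 3.9. $\forall A$, $\llbracket \mathrm{can}(A) \rrbracket = \llbracket \mathrm{can}^{lo}(A) \rrbracket$.

Proof. Let $\mathrm{can}(A) = \bigwedge_{i=1}^n ((S_{ij})_{j=1}^{m_i} \Rightarrow \tau)$. Hence, $\llbracket \mathrm{can}(A) \rrbracket = \{r \mid \forall i$, if for
$j = 1, \dots, m_i$, $s_{ij} \in \llbracket S_{ij} \rrbracket$, then $\pi_{(S_{ij})_{j=1}^{m_i} \Rightarrow \tau}(r)\vec{s}_i \in \mathrm{SN}\}$, which, by rule (subst) is
equal to $\{r \mid \forall i$, if for $j = 1, \dots, m_i$, $s_{ij} \in \llbracket S_{ij} \rrbracket$, then $\pi_{\mathrm{can}^{lo}((S_{ij})_{j=1}^{m_i} \Rightarrow \tau)}(r)\vec{s}_i \in
\mathrm{SN}\} = \llbracket \mathrm{can}^{lo}(A) \rrbracket$. □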

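Corollary 3.10. If $A \equiv B$, then $\llbracket \mathrm{can}(A) \rrbracket = \llbracket \mathrm{can}(B) \rrbracket$.

Proof. By Lemma 3.8, $A \equiv B$ implies $\mathrm{can}^{lo}(A) = \mathrm{can}^{lo}(B)$, and by Lemma 3.9,
$\llbracket \mathrm{can}(A) \rrbracket = \llbracket \mathrm{can}^{lo}(A) \rrbracket$ for all $A$. Hence,

$\llbracket \mathrm{can}(A) \rrbracket = \llbracket \mathrm{can}^{lo}(A) \rrbracket = \llbracket \mathrm{can}^{lo}(B) \rrbracket = \llbracket \mathrm{can}(B) \rrbracket$ □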

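Lemma 3.11. $\forall A$, $\llbracket \mathrm{can}(A) \rrbracket \neq \emptyset$.

Proof. If $\vec{s} \in \mathrm{SN}$, then both $x^A\vec{s}$ and $\pi_B(x^A)\vec{s}$ are in SN, hence for all $A$,
$x^A \in \llbracket \mathrm{can}(A) \rrbracket$. □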

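Lemma 3.12. $\forall A$, $\llbracket \mathrm{can}(A) \rrbracket \subseteq \mathrm{SN}$.

Proof. Let $\mathrm{can}(A) = \bigwedge_{i=1}^n ((S_{ij})_{j=1}^{m_i} \Rightarrow \tau)$ and $r \in \llbracket \mathrm{can}(A) \rrbracket$. Assume $r \notin \mathrm{SN}$,
then for any $\vec{s}$, $\pi_{(S_{ij})_{j=1}^{m_i} \Rightarrow \tau}(r)\vec{s} \notin \mathrm{SN}$. A contradiction. □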

Lemma 3.13. If $r \in \mathrm{SN}$, then $\pi_A(r) \in \mathrm{SN}$.

Proof. We proceed by induction on the sum the size of r and the sum of the 
number of steps to reach the normal form by any path starting on r. The 
possible reduction from 7174 (r) are: 

• 7q4(r'), and so the induction hypothesis applies, 

• r', with r' : A and either r S r' + t or just r r'. In any case, since 
r G SN, then r' G SN. 

• TOi^ri) + 7TA 2 (r 2 ), with A = Ai A A 2 , and r pri + r 2 . Since r G SN, 
then ri G SN and r 2 G SN. Hence the induction hypothesis applies. 
• -KAx (7Tyi(r)) + 7 ta 2 (^(r)), with A = Ai A A 2 , and r ri + r 2 . Hence we

cannot reduce the projection in head position, not tta, we must reduce
r first. If there is not ri + r 2 in the path to reach the normal form of 
r, then we are done. Suppose there is ri + r 2 . Then the projection will 
project either ri or r 2 . In any case, since r G SN, we have ri G SN and 
r 2 G SN. □ 

Lemma 3.14. If $r_1 \in \mathrm{SN}$ and $r_2 \in \mathrm{SN}$, then $r_1 + r_2 \in \mathrm{SN}$.

Proof. First we prove the following property: If ri + r 2 s '-»• s', then, there 
exist ti and t 2 such that s' ti +1 2 , with either (ri -w ti and r 2 t 2 ) or 
(ri ti and r 2 = t 2 ) or (ri = ti and r 2 t 2 ). Once this property is proven, 
we have that if ri + r 2 is not in SN, then for each s in the infinite reduction 
path, s ti + t 2 such that either ri ti and r 2 t 2 or ri ti and r 2 = t 2 
or ri = ti and r 2 t 2 . In any case, at least one of ri and r 2 has an infinite 
path reduction, which is an absurd since ri and r 2 are in SN. 

We proceed to prove the needed property. 

The possible terms s ri + r 2 are: 

• + r 2 with ri r' : and r 2 r 2 . This is the trivial case. 

• Xx^ 1 ... Xx^.fr^ + r 2 ), with 


ri 

r 2 


<=^* Xxf 1 ... Xx^ n .r[ 
Xx^ 1 ... Xx£ n .r' 2 


Then the only possible reduction from this term is 


Xx^ 1 ... Xx^ n .(r" + r 2 ) 


with (r' x r" and r 2 = r 2 ), or (r^ = r" and r 2 r 2 ). 

In any case, it is equivalent to Xxf 1 ... Xx^ n .r" + Xxf 1 ... Xx^ n ,r 2 , and 
notice that either 


Xxf 1 ... Xx£ n .ri -w Xxf 1 ... Xx£ n .r" 
Aarf 1 ... Xx„ n .r' 2 = Xxf 1 ... Xx£ n .r 2 


Xxf 1 

\ 7‘* ^ 1 



XXn n .r[ = 


• (r' x + r 2 )si... s n , with 


ri 

r 2 


r'iSi 

r 2 si 


The only possible ^--reductions from this term are: 
— (r' x + r!j)si... s'... s n <=^* r^si... s(... s„ + r^si... s'... s r
with Sj s-. 

Notice that 

r'jSi... s„ r'jSi... si... s„ 

TgSi... s„ r^Si... si... s„ 


- (*f + r^si • •. s„ 

with either (r( ■—> r" and r 2 = rij), or (r( = r" and r 2 c 
In any case, it is equivalent to r"si... s„ + r 2 Si ... s r 
that either 

r^si... s n -w r"si... s„ 
risi...s„ = r 2 sj... s n 
or 


r' x si... s„ = r"si... s„ 
risi...s„ ri,'si... s„ 


• Tr Al AA 2 {r' 1 +r , 2 ), with 


ri 

r 2 


TTAi(ri) 
7TA 2 (r 2) 


The only possible ^--reductions from this term are: 


1-2 )• 

and notice 


- tt Ai aA 3 (ri + r' 2 ') 

with either (r', >—> r") and (ri, = r 2 ) or (r( = r" and r 2 ri,'). 
Notice that either 


7TA! (r'l) 7TAi(r") 

tta 2 ( r 2 ) = 7TA a (rjQ 

TTAiW} = TTA^C r") 

7TA 2 (ri,) TTAz ( r 2) 


— ti + t2 

with r( ti +t( and r 2 t2 + 1 2 . 
Notice that 

tta, (r'j) ti 

7TA 2 (r 2 ) t 2 


- ri +r 2 - 
Notice that 


TAi (ri) ri 

7rA 2 (r 2 ) r' 2 


□


Lemma 3.15. If $r \in \mathrm{SN}$, then $\lambda x^A.r \in \mathrm{SN}$.


Proof. First we prove the following property: If Ax 4 .r <=^* s >—>- s', then, there 
exists t such that s' <=^* Ax' 4 .t, with r t. Once this property is proven, we 
have that if Ax 4 .r is not in SN, then for each s in the infinite reduction path, 
s Ax 4 .t such that r t, which is absurd since r e SN. 

We proceed to prove the needed property. The possible terms s Ax 4 .r 
are: 
r'. This is the trivial case.


• Xx A .r', with r 

• \x A .Yi + \x A .r 2 
with r ri + r 2 ■ 

The only possible ^-reduction from this term is: 

Aa; A .r^ + Xx A .r' 2 

with (ri c —> r[ and r 2 = r' 2 ) or (ri = r' x and r 2 c ->- r' 2 ). 

In any case, ri + r 2 r[ + r 2 . 

• T^A^-Bx (tTa=S.B 2 (• ■ • KA^B n ( Xx A .r'))) 
with r ri* n Bl (kb 2 (• ■ ■ n Bn (r'))). 

The only possible ^--reductions from this are: 

- T4 ^Bi {ka=>b 2 (- ■■n A ^ Bn (Xx A .r"))), with r' r". 

Notice that r n Bl (7r Ba (• ■ ■ n Brl (r"))). 

- 7 TA^B' t (7fJUs-JJj. (AA=>B 2 (• • • 7 TA^B n (AxAr')))) 

+7TA=S>B" (tTA^-Bi (77^^ b 2 (. • • 7r J 4=>B„(Aa; A .r')))) 

with Bi = A B". 

Notice that, since r ri + r 2 , otherwise the rule $\delta$ would not have
been applied, we have

r 7r s / (7r Sl (7 tb 2 (• • • tt b „ (r")))) + tt B " (7r Bl (ttb 2 (• • ■ tt b „ (r")))) □ 

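Lemma 3.16. If $r \in \llbracket \mathrm{can}(A) \rrbracket$ and $s \in \llbracket \mathrm{can}(B) \rrbracket$, then $r + s \in \llbracket \mathrm{can}(A \wedge B) \rrbracket$.

Proof. Let $\mathrm{can}(A) = \bigwedge_{i=1}^k ((S_{ij})_{j=1}^{m_i} \Rightarrow \tau)$ and $\mathrm{can}(B) = \bigwedge_{i=k+1}^n ((S_{ij})_{j=1}^{m_i} \Rightarrow \tau)$, so
$\mathrm{can}(A \wedge B) = \bigwedge_{i=1}^n ((S_{ij})_{j=1}^{m_i} \Rightarrow \tau)$. Then we have that for all $i = 1, \dots, k$, if for
$j = 1, \dots, m_i$, $t_{ij} \in \llbracket S_{ij} \rrbracket$, then $\pi_{(S_{ij})_{j=1}^{m_i} \Rightarrow \tau}(r)\vec{t}_i \in \mathrm{SN}$ and for all $i = k+1, \dots, n$,
if for $j = 1, \dots, m_i$, $t_{ij} \in \llbracket S_{ij} \rrbracket$, then $\pi_{(S_{ij})_{j=1}^{m_i} \Rightarrow \tau}(s)\vec{t}_i \in \mathrm{SN}$. Therefore, for all
$i = 1, \dots, n$, if for $j = 1, \dots, m_i$, $t_{ij} \in \llbracket S_{ij} \rrbracket$, we have $\pi_{(S_{ij})_{j=1}^{m_i} \Rightarrow \tau}(r + s)\vec{t}_i \in \mathrm{SN}$,
so $r + s \in \llbracket \mathrm{can}(A \wedge B) \rrbracket$. □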

Let $\sigma$ be a term substitution. We write $\sigma r$ for r after the substitution $\sigma$.
We say that $\sigma$ is adequate if for all $x^A$, $\sigma(x^A) \in \llbracket \mathrm{can}(A) \rrbracket$.

The following lemma shows that any adequate substitution applied to a term
is in the interpretation of the type of that term. This lemma, together with
Lemma 3.12, implies that a typed term is strongly normalising (Theorem 3.18).

Lemma 3.17 (Adequacy). If $r : A$ and $\sigma$ adequate, then $\sigma r \in \llbracket \mathrm{can}(A) \rrbracket$.

Proof. We proceed by induction on the typing derivation. 

• Let $x^A : A$ be a consequence of rule (ax). Since $\sigma$ is adequate, $\sigma(x^A) \in
\llbracket \mathrm{can}(A) \rrbracket$.

• Let $r : B$ be a consequence of $r : A$, $A \equiv B$ and rule ($\equiv$). By the induction
hypothesis $\forall\sigma$ adequate, $\sigma r \in \llbracket \mathrm{can}(A) \rrbracket$, so by Lemma 3.10, $\sigma r \in \llbracket \mathrm{can}(B) \rrbracket$.

Let Ax A .r : A => B be a consequence of r : B and rule (=>,;). Let can (A) = 
A" =1 W0TiLi T and can(B) = (Rjk)k= 1 r - By the induction 
hypothesis, err G [can(B)J, that is, for all j, if s jk £ for k = 

1,..., h], then 7(crr)s j £ SN. Notice that aXx A .r = Ax" 4 .err. 
We must show that 


Ax" 4 .err G f\ ((SufiU => r) i=1 =► (R jk ) k L t 


that is, we must show that \/j, if for i = 1,..., n, t* G |(S'j;); > =i r | and 
for k = 1,..., hj, s jk £ [itjfe], then 

(Ax A .err)tSj G SN 




By Lemma 3.3, A m can(A), so 




(Xx A .ar)tSj 


.tw-tS- ^ (AxAr=i 


* 7 r CR^)fei 1 =i>r ^ A:cAr=1 

* 7r ra H i ^ r (( AxA " =1 (Sil) ^ T -(rr)(f2 U))*j 


Since err is in SN, by Lemma 3.15, Ax" 4 .err G SN, and then by Lemma 3.13, 




{\x A . 


) £ SN, hence Ax A .7i 


(or) G 


SN . And since also t, Sj G SN, we can proceed by induction on the sum of 
the number of steps to reach the normal form of each of these terms. The 
possible reductions fired from 7 r —— --n — - hj (Xx A .crr)tSj are: 

( \Sil ) l = 1 = ^ r )i=l^ \^j fc )k = 1 = ^ T 


— reducing one of tj,Sjfc, Ax" 4 .err or Xx A . n ^ _^_(ot) , then the 
induction hypothesis applies, 

— 7 =;>T (crr[^" =1 t*/x])sj. Then consider a' = cr, [J2=i t*/x]. 
By Lemma 3.16, cr' is adequate, hence 
using rule ($\delta$). From this term, the only possible reductions are like
in the two previous cases (($\delta$) cannot be applied twice). Hence the
term is in SN.


Let rs : B be a consequence of r : A => B, s : A and rule (=k e )- Let 
can(A) = Afet ($ih)hl 1 =► T and can(H) = A°=i ( R jkf k Li =► t, then 

can (A => B) = A"Lr {.(Sih)^ => r) i=1 =► {Rjkf k=1 =>• r. By the induc¬ 
tion hypothesis, if er adequate, err £ [can(H =>• B)J and ers € [can(A)], 
that is, for j = 1,..., m, if for i = 1,..., n, tji G and for 

fc = 1,... ,p fc , G then 


7r ({S^)ti l ^r)r =1 =i-CR^ii= 


(crr)tjUj £ SN 


Remark that 


r ((S ih )^ 1 ^r). =1 ^(R :lk ) P k i 1 ^T 


(crr)tjUj 




hence since err G [can(A => £?)], by Lemma 3.16, if e |[ c an(^4)l, 

then 5^) n - e SN. Since we have 

ers £ [can (.A)], we have that n 7 —-^ -rn . .. g . (err)ersrL is <=**- 

equivalent to v* u ^ T (( crr ) crs )Rj = = j, T (cr(rs))uj £ SN, and 

so er(rs) G [can(B)]T' 

Let r + s : AAB be a consequence of r : A, s : B and rule (Ai). By 
the induction hypothesis, Vcr adequate, err G [can(A)] and ers G [can(B)J, 
hence by Lemma 3.16, err + us G [can(.4 A £?)]. Notice that err + ers = 
cr(r + s). 

Let 7TA(r) : A be a consequence of r : A A B and rule (A en ). By the 
induction hypothesis, Ver adequate, err G [can(j4 A £?)]. Let can (A) = 
Ai=i (S«)£i t and can(B) = A"=fc+i L\ => t, then we have err G 
[can(4 A B)] means that V*, if Vj, Sij G [6#], then ^, T (<rr)sj G 

SN. 

We need to prove that 

(S^)™\=>r( CTr )) g i ^ e SN 

By Lemma 3.13, it suffices to prove it^ _^ T (<rr)sj G SN. If fe = 1, 

then we are done. In other case, we proceed by induction on the sum of the 
number of steps to reach the normal form of or , s\ and (or)

(which is in SN by Lemma 3.13). The possible reductions fired from 
n AUJS-)^r(^ are: 

— reducing one of or, s', s J or 7T^ fc Js~j rni ^ T ( (Tr ); then the induc¬ 
tion hypothesis applies, 

— r'sj, with r' : /\f=i T and err = r' + t or just err = r'. 

Since 7r ( 5 ^j m « =;>T (crr)s ; ; <=^ 7r r (crrs,;) 6 SN which is equal either to 
7r T ((r'-|-t)si) € SN, then we have ^(r'sj+tSj) € SN, or to 7r T (r'sj) € 
SN, in any case we can conclude r's, e SN. 

— ?r C ? i( ,r A * =1 T&^=^ T ( OTr ) S <) + * c i( 7r Af =1 (S^\^r( 0T ) § «)> Usin S rule 

($\delta$). From this term, the only possible reductions are like in the two
previous cases (($\delta$) cannot be applied twice). Hence the term is in
SN.

— Any other reduction involving first using nisT e( ,-rule, are analogous to 
the previous case. 

• Let 7TA(r) : A be a consequence of r : A and rule (A ei ). By the induction 

hypothesis err € [can(A)], that is, if can(A) = /\"=i (Sij)™= i A for all 
4, if for all j, Sij £ [can(Sy)], then 71 -^-^ ^(err)^ € SN. Notice that 
since err : A, we have ^ T (crr}sj 7r T ((crr)si), hence (<rr)s, € SN, 

so tta (crr)sj £ SN, which implies 7 r^-ym 4 _^ t (tta(o'?))§) € SN. □ 

Now we can prove strong normalisation as a corollary of Lemma 3.17.

Theorem 3.18 (Strong normalisation). If $r : A$, then $r \in \mathrm{SN}$.

Proof. If $r : A$, by Lemma 3.17, for all $\sigma$ adequate, $\sigma r \in \llbracket \mathrm{can}(A) \rrbracket$. Take
$\sigma$ = identity, and notice that it is adequate (cf. proof of Lemma 3.11), then
$\sigma r = r \in \llbracket \mathrm{can}(A) \rrbracket$, which by Lemma 3.12, is in SN. □

3.2. Characterisation of Typed Closed Normal Forms 

In this section, we give a characterisation of typed closed normal forms 
(Theorem 3.20), for which we need the following auxiliary result. 

Lemma 3.19. If $r : A \wedge B$ and $FV(r) = \emptyset$, then $\pi_A(r)$ reduces using at least
one reduction $\pi_n$ (that is, a projection discarding part of the term, in contrast
with reduction m, which keeps the whole term).

Proof. We proceed by structural induction on r. 

• If r = Xx c .s then A = C => A' and B m C => B' , with s : A! A B'. So, 
irc^A' (\x G .s) W Ax c .tta' (s), which by the induction hypothesis reduces 
using at least one ir n reduction. 
• If r = rir 2 then ri : C => (A A B), so 7TA(rir 2 ) ?=* 7rc=>-A(ri)r 2 . We
conclude with the induction hypothesis. 

• If r = ri + r 2 the cases are: 

— ri : A and r 2 : B, then 7TA(r) e -t 7r * ri 

— ri : A A B\ and r 2 : S 2 , with B = B\ A B 2 , then, by the induction 
hypothesis, tt^i (r j ) reduces using at least one n n reduction, and so 
7 ta( ri + r 2 ) does the same. 

— ri : At A B and r 2 : A 2 A B, with A = Ax A A 2 , then 7TA(ri + r 2 ) ^ 
7i‘AiAA 2 ( r i+ r 2) 7rAi(ri)+7TA 2 (r 2 ), and by the induction hypothesis 
both 7TAi(ri) and 7TA 2 (r 2 ) reduce using at least one 7r n reduction. 

• If r = 7Tc(s), then C = A A B and s : A A B A D, so by the induction 

hypothesis, 7fcr(s) reduces using at least one n n reduction, hence -k a (nc(s)) 
does the same. □ 

Theorem 3.20 (Characterisation of typed closed normal forms). If $r : A$ and
$FV(r) = \mathrm{Red}(r) = \emptyset$, then there exist $A_1, \dots, A_n$, $t_j : B_j$ for $j = 1, \dots, m$ and
$C_1, \dots, C_m$, with $n + m \geq 1$ such that $r \rightleftarrows^* \sum_{i=1}^n \lambda x^{A_i}.s_i + \sum_{j=1}^m (\lambda x^{B_j \wedge C_j}.r_j)t_j$.

Proof. We proceed by structural induction on r. 

• If r = Xx A .s, then we are done. 

• If r = rir 2 , then ri : B =£* A, r 2 : B. So, by the induction hypothesis 
ri <=** X)" = i Xx Ai .Si + YljLi(Xx C:i ADi hence 

rir 2 Xx Ai .Si + ^2(Xx G * ADj .r'-)tj)r 2 

X^(Ax^.Si)r 2 + jr,(Xx GjAD i.r'^tjVi 

• If r = ri + r 2 , then for j = 1,2, : A'-, so by the induction hypothesis 

r i Sr=i Xx Ai .si + Y^jLi(Xx B: > AC:l .rj)tj and r 2 v±* Y^i= n +1 Xx Ai .s , *%>■ 

X)j= TO+ i {Xx B i AGi Xj)tj , SO r Etl XxAt - S * + X^=l {Xx B J AC i .Tj)tj. 

• If $r = \pi_A(s)$, then $s : A \wedge B$, indeed, $s$ cannot have type $A$ because
$\mathrm{Red}(\pi_A(s)) = \emptyset$. So, by Lemma 3.19, $\mathrm{Red}(\pi_A(s)) \neq \emptyset$. □

4. Computing with our Calculus 

4.1. Pairs (and lists)

Because the symbol + is associative and commutative, our calculus does not
contain the usual notion of pairs. However, it is possible to encode a deterministic
projection, even if we have more than one term of the same type. An example,
although there are various possibilities, is given in the following table:

Standard                  Encoding
$(r, s) : A \wedge A$     $\lambda x^1.r + \lambda x^2.s : 1 \Rightarrow A \wedge 2 \Rightarrow A$
$\pi_1(r, s)$             $\pi_{1 \Rightarrow A}(\lambda x^1.r + \lambda x^2.s)y^1$

where types 1 and 2 are any two different types. This example uses free variables,
but it is easy to close it, e.g. use $\lambda y.y$ instead of $y^1$ in the second line.

Moreover, this technique is not limited to pairs. Due to the associative
nature of +, the encoding can be easily extended to lists.

4.2. A deterministic subsystem

In the previous section we have seen how to encode a pair, transforming the
non-deterministic projection into a deterministic one via an encoding. Another
possibility is to remove the non-deterministic behaviour of this calculus by dropping
the isomorphisms (1) and (2), as well as rules comm and asso. Although
such a modification would simplify the calculus (indeed, the projection can be
taken as the standard projection), the resulting calculus would still have
distribution of application over conjunction and currification, two interesting
features for a language. The former allows a function to be executed only partially,
when not all its results are needed. The latter can also be used to optimise
programs when there are multiple calls to the same function, but one of its
arguments is fixed.

4.3. Booleans

Example 2.8 on booleans actually overlooks an interesting fact: If $A \equiv
B$, then both T and F behave as a non-deterministic projector. Indeed,
Trs r, but also (Xx A .Xy B .x)rs (Xx A .Xy A .x)rs i=i (Xx A .Xy A .x)(r + s) 

(Xx A .Xy A .x)(s + r) (Xx A .Xy A .x)sr s. 

Similarly, Frs '—A s and also Frs r. Hence, A =>■ A =>■ A is not suitable 
to encode the type Bool. The type A =>■ A =>• A has only one term in the 
underlying equational theory. 

Fortunately, there are ways to construct types with more than one term. 
First, let us define the following notation. For any t, let write [t] A , the canon 
of t, that is, the term Xz A .t, where z A is a fresh variable not appearing in t. 
Also, for any term t of type A => £?, we write {t} A=s,B , the cocanon , which is 
the inverse operation, that is, {[t] A } A=}, ' B = t for any t : B. For the cocanon 
it suffices to take {t} A= ^ B = tXx A .y B . Therefore, the type ((A => A) => B) =>■ 
B => B has the following two different terms: tt := Xx B .X y^ A ^ A ^ B .x and 
ff := Xx ( ' A ^ >A ^ B .Xy n .{x} A ^ A . Hence, it is possible to encode an if-then-else 
conditional expression in the following way: If c then r else s := cr[s] A=>A . So, 
ttr[s] A=>A «-»>* r, while ffr[s] A ^ A 5^* ff[s] A ^ A r {[s] A ^ A } A -+ s. 

5. Conclusions, Discussions and Future Work 

In this paper we defined a proof system for propositional logic with an
associative and commutative conjunction, and a distributive implication with
respect to it, where equivalent propositions get the same proofs.

5.1. Related Work

5.1.1. Relation with other non-deterministic calculi 

As a consequence of the commutativity of conjunction, the projection in
our calculus is not position-oriented but type-oriented, which entails a
non-deterministic projection where if a proposition has two possible proofs, the
projection of its conjunction can output any of them. For example, if r and s are
two possible proofs of A, then $\pi_A(r + s)$ will output either r or s.

In several works (cf. [22, §3.4] for a survey), the non-determinism is modelled
by two operators: The first is normally written +, and instead of distributing
over application, it actually makes the non-deterministic choice. Hence (r + s)t
reduces either to rt or to st [10]. The second one, denoted by ||, does not
make the choice, and therefore (r || s)t reduces to rt || st [11]. One way to
interpret these operators is that the first one is a non-deterministic one, while
the second is the parallel composition. Another common interpretation is that
+ is a may-convergent non-deterministic operator, where type systems ensure
that at least one branch converges (i.e. terminates), while || is a must-convergent
non-deterministic operator, where both branches are meant to converge [8, 10,
11, 16]. In our setting, the + operator behaves like ||, and an extra operator ($\pi_A$)
induces the non-deterministic choice. The main point is that this construction
arose naturally as a consequence of considering the isomorphisms between types
as an equivalence relation. Our type system ensures the termination of all the
branches (Theorem 3.18), therefore ensuring must-convergence.

5.1.2. Relation with the selective $\lambda$-calculus

In a work by Garrigue and Aït-Kaci [20], only the isomorphism

$A \Rightarrow (B \Rightarrow C) \equiv B \Rightarrow (A \Rightarrow C)$. (5)

has been treated, which is complete with respect to the function type. Our
contribution with respect to this work is that we also consider the conjunction,
and hence four isomorphisms. Notice that isomorphism (5), in our setting, is
a consequence of currification and commutation, that is $A \wedge B \equiv B \wedge A$ and
$(A \wedge B) \Rightarrow C \equiv A \Rightarrow B \Rightarrow C$.

Their proposal is the selective $\lambda$-calculus, a calculus including labellings to
identify which argument is being used at each time. Moreover, by considering
the Church encoding of pairs, isomorphism (5) implies isomorphism (1)
(commutativity of $\wedge$). However their proposal is different to ours. In particular, we
track the term by its type, which is a kind of labelling, but when two terms
have the same type, then we leave the system to non-deterministically choose
any proof. One of our main novelties is, indeed, the non-deterministic projector.
However, we can also get back determinism, by encoding a labelling, as discussed
in Section 4, or by dropping some of the isomorphisms (namely, associativity
and commutativity of conjunction).

5.2. Future Work

5.2.1. Adding more connectives 

A subtle question is how to add a neutral element of the conjunction, which
will imply more isomorphisms, e.g. $A \wedge \top \equiv A$, $A \Rightarrow \top \equiv \top$ and $\top \Rightarrow A \equiv A$.
Notice that within our system, $\top \Rightarrow \top \equiv \top$ would make it possible to derive
$(\lambda x^\top.xx)(\lambda x^\top.xx) : \top$, however this term is not the classical $\Omega$, it is typed by
$\top$, and imposing some restrictions on the beta reduction, it could be forced not
to reduce to itself but to discard its argument. For example: “If $A \equiv \top$, then
(Aa; A .r)s Xx A .r, in other case, do the standard beta-reduction”. 

5.2.2. Probabilistic and quantum computing 

A second line is the probabilistic interpretation of the non-determinism in our
calculus. In [15] a probability space over the set of non-deterministic execution
traces is defined. This way, our calculus is transformed into a probabilistic calculus
instead of just a non-deterministic one, providing an alternative way for more
complex constructions. Moreover, the original motivation behind the linear algebraic
extension of lambda calculus [4] and its vectorial type system [2] was to
encode quantum computing on it by considering not only non-deterministic
superpositions, but formal linear combinations of terms. A projection depending
on scalars could lead to a measurement operator in a future design. This is a
promising future direction we are willing to take.